This Accord, between Australia’s customer owned banks, mutual banks, building societies, credit unions and commercial banks is a comprehensive set of anti-scam measures across the entire industry.

“This Scam-Safe Accord is a new offensive in the war on scams. It reflects the banking sector’s unwavering commitment to safeguarding every Australian. It outlines the actions every bank will take to protect Australian consumers and small businesses and to harden the system against scams,” said ABA CEO Anna Bligh.

“The initiatives we launch today are a significant step forward and demonstrate the banking industry’s commitment to fight scams. It doesn’t matter if someone banks with a regional mutual bank or the largest bank in the country, customers can be confident their bank is working hard to protect their money,” said COBA CEO Mike Lawrence.

At the heart of the Scam-Safe Accord is a $100 million investment by the industry in a new confirmation of payee system to be rolled out across all Australian banks. Confirmation of payee will help reduce scams by ensuring people can confirm they are transferring money to the person they intend to.

With 15.4 billion transactions worth $2.5 trillion occurring every year across the banking sector, the design and build of an industry wide confirmation of payee system is a major undertaking. Design of the new system will start straight away and it will be built and rolled out over 2024 and 2025.

Banks have committed to introduce new and higher protections into their systems, meaning customers should expect more warnings and delays when paying someone new or increasing payment limits. To prevent misuse of accounts through identity fraud, all banks will uplift technology and controls, including all major banks introducing unique identification measures known as biometric checks when opening new accounts.

In addition, the Scam-Safe Accord includes a major expansion of intelligence sharing across the sector with all banks acting on scams intelligence from the Australian Financial Crimes Exchange by mid-2024, and joining the Fraud Reporting Exchange. This means critical information is shared across the banking sector at speed about scam transactions, improving the chances of preventing scams and recovering stolen funds.

“Preventing scammers from taking the hard-earned money of everyday Australians is a shared responsibility. As scammers work hard to devise new ways to steal money, it’s critical that governments, industry and consumers remain vigilant to make Australia a hard target for scammers,” said Mike Lawrence.

“Recent data from banks shows that $600 million in stolen funds has been returned to customers over the last year. To keep up this effort it is critical that government, banks, telcos, social media and crypto platforms work together as part of an eco-system to stay one step ahead of sophisticated criminal gangs,” Anna Bligh said.

Banks play a key role but are only one part of the solution. The ABA and COBA look forward to seeing details from other sectors about their plans to proactively address scams.

The Scam-Safe Accord initiatives are based on the principles of disrupt, detect and respond. They include the following commitments from banks. The initiatives define a banking sector industry standard following the authorisation, from the Australian Competition and Consumer Commission in August for ABA banks to work collectively to develop initiatives to help reduce scams.

Scam-Safe Accord 

The Accord applies to all members of the Australian Banking Association and the Customer Owned Banking Association, and includes banks, mutual banks, credit unions and building societies.

The Australian Banking Association’s membership is comprised of 20 banks from across Australia. The ABA advocates for a strong, competitive and innovative banking industry that delivers excellent and equitable outcomes for customers.

The Australian Financial Crimes Exchange: Providing security capabilities, technology, and intelligence in one central platform, the AFCX brings together businesses, government, law enforcement agencies and industry groups to protect Australian consumers and businesses from financial crime, cyber-crime and scams.

The Customer Owned Banking Association is the industry association for Australia’s customer-owned banking institutions – mutual banks, credit unions and building societies. COBA champions the customer owned banking model and advocates for a more competitive retail banking sector that benefits all Australians.

The post Banks unite to declare war on scammers appeared first on Small Business Connections.

Strengthening Industry-Government Collaboration

Industry experts applaud the strategy’s emphasis on fostering stronger collaboration between the government and the private sector. As David Hayes, Regional Director ANZ at Arctic Wolf, points out, “Sharing threat intelligence in real-time is crucial in staying ahead of malicious actors.” This collaborative approach will enable the security community to anticipate and effectively counter emerging cyber threats.

Tackling the Culture of Concealment

The strategy also addresses the pervasive culture of concealing cyberattacks within organizations. Mark Thomas, Director of Arctic Wolf Security Services, ANZ, highlights the alarming statistic that “a quarter of ANZ organizations knowingly concealed a cyberattack to avoid reputational damages.” This culture of silence hinders effective response and recovery efforts. The government’s efforts to promote transparency and collaboration are essential in addressing this issue.

Supporting SMBs

SMBs, the backbone of the Australian economy, face unique challenges in cybersecurity. The strategy’s $18.2 million funding package for SMBs is a welcome step towards bolstering their cyber resilience. This funding will support initiatives such as the cyber health-check program, which will provide SMBs with tailored assessments of their cybersecurity posture.

Measuring Cyber Maturity

The strategy also emphasizes the importance of measuring cyber maturity. Robert Le Busque, Regional Vice President, Asia Pacific, at Verizon Business, underscores the significance of this aspect, stating, “Measuring cyber maturity is essential to efficiently managing business risk.” By understanding their cyber maturity levels, businesses can effectively allocate resources and implement appropriate security measures.

Addressing Ransomware Threats

Ransomware attacks continue to pose a significant threat to Australian businesses. Verizon’s Data Breach Investigations Report (DBIR) reveals that the cost per ransomware incident has doubled over the past two years. The strategy’s focus on combating ransomware is crucial in mitigating this growing threat.

Embracing Resilience and Collaboration

In today’s interconnected world, resilience is paramount. As Robert Le Busque aptly states, “When it comes to digital resilience and ensuring Australia’s survival within this region (and the world), we need to acknowledge our dependence on increasingly distributed and public networks.” The strategy’s emphasis on building true resilience and fostering collaboration is essential in safeguarding Australia’s digital future.

Conclusion

The Australian government’s $586.9 million National Cyber Security Strategy is a significant step towards protecting the nation’s digital infrastructure and businesses. By fostering industry-government collaboration, addressing the culture of concealment, supporting SMBs, measuring cyber maturity, combating ransomware threats, and embracing resilience and collaboration, the strategy lays a solid foundation for a more secure and prosperous digital future for Australia.

The post The new cybersecurity funding: what it means for your SME appeared first on Small Business Connections.

The National Anti-Scam Centre has detected a concerning increase in the number of reports of fake websites that look like genuine online retail stores belonging to many big-name, high street brands.

So far this year, there have been 2,760 reports of fake online stores, resulting in losses of more than half a million dollars. In total, online shopping scams cost Australians over $6.2 million, between 1 January and 30 September, 2023.

The consumer warning comes ahead of the Black Friday, Cyber Monday sales weekend, during which shoppers are tipped to spend a reported $6.36 billion.

“Scammers are opportunistic criminals who will try to take advantage of people doing their Christmas shopping online during the upcoming Black Friday and Cyber Monday period,” ACCC Deputy Chair Catriona Lowe said.

“We have seen an alarming increase in reports of fake online shopping website scams, which use the latest technology to look like genuine, well-known Australian fashion and footwear labels.”

“A recent, disturbing development is that scammers are paying for their fake websites to appear at the top of your internet search. This means you can’t necessarily trust the first listing you see,” Ms Lowe said.

“As an alternative, consumers may wish to familiarise themselves with the site addresses of their favourite brands and navigate there directly or scroll down the search results to ensure they find the real site.”

“Consumers should also be aware that scammers are using social media platforms to set up bogus stores and to advertise their fake websites,” Ms Lowe said.

The National Anti-Scam Centre has been working with retailers to disrupt scam activity. It has also published advice for businesses impacted by scammers impersonating them.

“As scammers have been primarily targeting fashion and shoe retail brands, we have focused our disruption efforts on this space, helping retailers remove a number of fake websites,” Ms Lowe said.

“We commend those retailers who have taken proactive steps to warn their customers about scam websites impersonating their brands.”

Scams Awareness Week

The fake retail website scam is just one type of impersonation scam the National Anti-Scam Centre is warning about this Scams Awareness Week (27 November – 1 December 2023).

In 2023, impersonation scams accounted for more than 70% of the 234,672 reports to Scamwatch. There are many types of impersonation scams, spanning everything from text messages impersonating banks to job advertisements impersonating high-profile recruitment agencies and companies.

The top three most reported impersonation scams were road toll scams (19,141 reports), Australian Government impersonation scams (17,770 reports) and “Hi Mum” family impersonation scams (9,307 reports). The impersonation scams with the highest losses were imposter bond scams ($35 million lost), business email compromise scams ($14 million lost) and bank impersonation scams ($11 million lost).

“Impersonation scams have robbed Australians of $92 million this year,” Ms Lowe said.

“That’s why, during Scams Awareness Week, we are encouraging consumers to ask themselves if they really know who they are communicating with, whether it be online or  by text, phone or email. Could you be speaking with a scammer?”

“If you are shopping online, search for independent reviews to check if it’s real and never pay by direct bank deposit, money transfers or digital currencies such as Bitcoin. You should pay by PayPal or credit card. You may want to keep a second credit card with a low credit limit just for online shopping,” Ms Lowe said.

Further information and resources on Scams Awareness Week are available here.

How fake retail website scams work

• Scammers use the latest technology to set up fake retail websites that look like genuine online retail stores. They may use sophisticated designs and layouts, possibly stolen logos, and even a ‘.com.au’ domain name and stolen Australian Business Number (ABN).
• Many of these websites offer luxury items such as popular brands of clothing, jewellery and electronics at very low prices. Sometimes you will receive the item you paid for but they will be fake, other times you will receive nothing at all.
•  Scammers also set up fake online stores on social media platforms. They open the store for a short time, often selling fake branded clothing or jewellery. After making a number of sales, the stores disappear. They also use social media to advertise their fake website, so do not trust a site just because you have seen it advertised or shared on social media. The best way to detect a fake trader or social media online shopping scam is to search for independent reviews before purchasing.

Protect yourself

• Watch out for websites or sellers advertising at very low prices, often lower than comparable to identical items on other websites. Slow down and consider whether a sale is too good to be true.
• You can report sponsored adds to Google in ‘My Ad Centre’.  This can be accessed by clicking on the three stacked dots  to the right of the sponsored ad.
• Always access websites via an independent search rather than through links in emails, SMS or social media.  Use apps from official app stores where available.
• Learn how to shop online securely visit:  https://www.cyber.gov.au/protect-yourself/staying-secure-online/shopping-and-banking-online/online-shopping Use secure devices, avoid public wifi and ensure that you set up multi factor authentication.
• Never pay by direct bank deposit, money transfers or digital currencies such as Bitcoin as you won’t be able to get your money back. You should pay be PayPal or credit card. You may want to keep a second credit card with a low credit limit just for online shopping.

Top tips for avoiding scams

STOP – Don’t feel pressured to act on a deal that is only offered for a short time. Scammers will try to make you feel like you have to act quickly. Don’t rush to act. Take your time to consider if the sale item is real.

THINK – Ask yourself could the website or sale item be fake? Scammers are impersonating trusted brands. Search for independent reviews or contact the retailer using contact information you source independently, so you can verify the deal is real.

PROTECT – Act quickly if something feels wrong. Contact your bank immediately if you have lost money to a scammer. Seek help from UIDCARE and report to Scamwatch.

The post Online bargains this Black Friday? Make sure it’s the real deal… appeared first on Small Business Connections.

“One of the biggest fears a small business has is that they will be targeted and wiped out by a cyber attack and we are pleased our strong advocacy for greater sector-wide support has been heard,” Mr Billson said.

“The latest chilling report from the Australian Cyber Security Centre is that a cyber attack happens every six minutes and when a small business is hit, on average they suffer a financial loss of $46,000.

“Some never recover from the assault on their operations and their reputation and today’s announcement offers practical help to minimise the chance of being a victim and better prepare small businesses to bounce back.

“These announcements will provide the type of concierge-style support we have advocated for to assist small business to be as prepared as they can be by providing a free check on their readiness and then advice on actual practical steps that can be taken to further strengthen their business.

“This will include one-to-one support in the event of an attack to help a small business rebound and recover.”

Mr Billson said small business would greatly appreciate the two programs announced by Small Business Minister Julie Collins and Cyber Security Minister Clare O’Neil.

Under the announcements, $7.2 million will create a voluntary cyber health check program to allow businesses to undertake a free, tailored self-assessment of their cyber security maturity and determine the strength of their cyber security measures with educational tools and materials they may need to upskill. Those with a high-risk exposure will be able to access a more sophisticated, third-party assessment to provide additional security across national supply chains.

A further $11 million will be spent on the Small Business Cyber Resilience Service to provide one-on-one assistance to help small businesses navigate their cyber challenges, including walking them through the steps to recover from a cyber attack.

“Small businesses can’t hope to have the same sophisticated resources and teams of cyber experts as larger companies who still fall victim to ever more sophisticated attacks,” Mr Billson said.

“Small and family businesses are sadly a preferred target for some of the scammers and cyber-criminals and these new programs will give small business greater confidence they are not alone.

“The most prominent type of attack is a cyber-criminal will tap into a small businesses email system, intercept an invoice that’s going out from the business and put in some different bank account details.

“The unsuspecting customer is expecting the bill and probably knows the amount they have to pay so when it arrives they just settle that account.

“However, the money goes to some joker on the other side of the world, is quickly converted into crypto currency and is gone.

“Other attacks involve phishing scams, where a small business receives an email that looks okay, but it allows entry into their digital infrastructure and the criminals demand a payment for to access your own information.”

Mr Billson said there are simple steps a small business can take right now including having multi-factor authentication, sophisticated passwords or pass phrases, making sure not everybody’s got full access to all parts of your technology, having secure backups of critical data and checking with the Cyber Security Centre at www.cyber.gov.au

Mr Billson said that the voluntary cyber health check program, as well as third-party assessments and assistance, should be built into a new right-sized privacy compliance framework for small business, given the government’s decision to remove the small business exemption from the Privacy Act.

“Incorporating cyber-security guidance and Consumer Data Right rules into actionable steps for small businesses to meet their privacy obligations will help protect small businesses, reduce compliance burdens and address priority privacy concerns for individuals,” Mr Billson said.

The post Don’t let a cyber attack kill your SME: new program offers free assessment appeared first on Small Business Connections.

A key call out for the industry is the emerging role that Artificial Intelligence (AI) is likely to play in preventing and responding to retail crime and the potential impacts of this engagement. 

The following summarises Professor Townsley’s response.

What role is AI likely to play regarding retail crime?

It is too early to be definitive, but the pace of development is staggering.  

1. Video Surveillance and Analysis: CCTV systems require human monitoring, which can be labour-intensive and prone to errors. AI-enhanced surveillance systems can automatically detect suspicious activities and alert staff in real-time. These systems can recognise patterns, faces, and even predict potential theft based on behaviour or gestures. The applications for self-checkout are noteworthy – supervising customers to a level that would be cost-prohibitive for staff on a 1:1 basis. 
2. Predictive Analytics: AI can analyse vast amounts of data to predict which products are most likely to be stolen, when thefts are most likely to occur, and which locations are most at risk. Customer behaviour (dwell time, wayfinding, gait/walking style) could be quantified and tracked with a view to prioritise abnormal behaviour.
3. Fraud Detection: AI can analyse transaction data to detect unusual patterns or behaviours that might indicate fraud. For instance, frequent returns, unusual purchase patterns, or the use of stolen credit card information can be flagged for further investigation. 

From an academic perspective, it is yet to be seen how the technologies are implemented with existing systems and processes and what compensating activities are put in place to accommodate AI. Offenders are superb at probing for vulnerabilities and loopholes in systems, so it should be expected that they will locate and exploit any weak points.

If we consider the ways organised offenders may employ AI, several ideas are obvious 

1. Data Theft and Breaches: AI tools can be used by malicious actors to identify vulnerabilities in a retailer’s digital infrastructure, leading to data breaches. This can compromise customer and employee data.
   
2. Fraudulent Transactions: AI can be used to generate fake invoices and account takeovers — see FraudGPT.
   
3. Targeted Scams: By analysing customer data, AI can be used to craft highly personalised phishing scams or fraud schemes targeting specific customers or employees.

How might confrontational situations, like using self-serve gates to prevent exits, parallel concerns with AI surveillance in loss prevention?

While AI-powered surveillance can help in loss prevention, it can be seen as a form of surveillance capitalism. Unauthorised tracking, facial recognition without consent, or profiling based on behaviour can lead to significant privacy concerns and customer dissatisfaction.

The National Retail Association is continuing with state-based Retail Crime Committees, with the second round of bi-annual meetings currently underway. We look forward to welcoming industry and facilitating valuable information sharing sessions, ahead of the busiest season in retail. 

The post What role is AI to play in preventing retail crime?  appeared first on Small Business Connections.

Norton, a global leader in Cyber Safety, has just released its 2023 Holiday Norton Cyber Safety Insights Report, shining a light on the rising threats to online security as Australians start working through their Christmas shopping lists.

As we all know, the holiday season marks a significant increase in the time we spend shopping online, and this year, Australians are more reliant on online retailers than ever before. Businesses should understand what Aussies are concerned about in the lead up to Christmas as it’s a big time of year for small business.

Key findings from the report include:

1. 7 out of 10 Australians are concerned about their personal details being compromised, and over 55% are worried about AI shopping scams.
2. Almost 3 in 10 Australians (28%) are feeling uncertain about their ability to stay safe while shopping online, particularly when facing evolving and sophisticated scams.
3. Over 1 in 4 Australians have admitted to being targeted by scams during previous holiday seasons, and with the proliferation of new AI tools, the threat is even more apparent.
4. A growing worry for more than half (58%) of Australians is the potential for their older loved ones to fall for suspicious email or text scams offering sales.
5. Almost two-thirds (64%) believe that scams are more prevalent during the holiday season compared to other times of the year. Victims have reported significant financial losses, with some individuals losing as much as 50,000 AUD.
6. Scammers have moved beyond traditional channels, with 37% of victims targeted through social media. This highlights the need for Australians to stay educated and aware of evolving threats when buying gifts online.

The post 70% of Australians concerned about scams this holiday season appeared first on Small Business Connections.

• Shop on trusted websites. Only shop on websites that you know and trust. One way to check if a website is trusted is to look for the HTTPS:// prefix in the URL. This indicates that the website is using a secure connection.
• Beware of phishing emails and text messages. Phishing emails and text messages are designed to look like they are from a legitimate company, such as a bank or credit card company. The goal is to trick you into clicking on a link or entering your personal information. If you receive an email or text message from a company that you are not expecting, do not click on any links or enter any information. Instead, go to the company’s website directly and log in to your account.
• Use strong passwords and enable MFA. Use strong, unique passwords for all of your online accounts. It is also a good idea to enable multi-factor authentication (MFA) on all of your accounts. MFA adds an extra layer of security by requiring you to enter a code from your phone in addition to your password when you log in.
• Be careful about what information you share online. Do not share your personal information, such as your Social Security number or credit card number, with anyone you do not trust. Be especially careful about sharing your information on social media.
• Keep your software up to date. Make sure that your computer’s operating system and software are up to date. Software updates often include security patches that can help protect your computer from malware and other threats.

Here are some additional tips to keep in mind during the festive shopping season:

• Beware of deals that seem too good to be true. If a deal seems too good to be true, it probably is. Scammers often use fake deals to lure people into giving them money or personal information.
• Be careful about using public Wi-Fi. Public Wi-Fi networks are not secure, so it is best to avoid using them to make online purchases or enter sensitive information.
• Monitor your bank statements and credit reports regularly. Review your bank statements and credit reports regularly for any unauthorized activity. If you see anything suspicious, contact your bank or credit card company immediately.

Also read: Knowing your enemy: 1/3 Australian SMEs have been victims of cybercrime

The post 5 Tips to make sure you’re shopping safely online appeared first on Small Business Connections.

The purpose of this study is to understand attitudes and perceptions from consumers on cybersecurity across the US and UK, with a particular focus on how different age demographics fare in protecting themselves online. Additionally, the survey aimed to learn if consumers are concerned about protecting their online accounts, and if so, how they are protecting them.

“While it is technically easy for retailers to implement basic username and password authentication for their customers, these types of credentials alone are easy for attackers to circumvent, allowing unauthorised access to online accounts,” said Ben Eichorst, director of infrastructure security at Yubico. “During busy online shopping months, consumers may be tempted to adopt risky habits such as reusing passwords across services, or clicking on order information links that appear legitimate. These kinds of behaviours put consumers at a higher risk for their accounts to be compromised.”

Key findings from the research indicate that:

• While 80% of survey respondents are concerned about cybersecurity when it comes to their online accounts, 39% admitted to using the same passwords for multiple accounts.
  • Boomers are the least likely to reuse passwords (20%), while Millennials are more than twice as likely to reuse passwords (47%) across their accounts.
• A significant part of online shopping revolves around trusting an online retailer is who they say they are, and effectively safeguarding your personal and financial information. Despite a mistrust of online retailers, consumers are still storing their personal and financial information on these websites.
  • About one third of respondents (32%) are not confident that they could spot a fraudulent or fake online retailer.
  • About one in three do not “completely” or “mostly” trust the websites they use to effectively protect their personal/credit card information.**
  • 33% of respondents save their credit card information in their online accounts.
• The study shows the Boomers have a greater mistrust of websites than Millennials, potentially leading them to have better online privacy practices.
  • 37% of Millennials save their credit card information in their online accounts, while only 19% of Boomers do.
  • On average, Boomers (42%) are almost twice as likely to not feel confident in their ability to spot a fraudulent online retailer than Gen Z (23%) and Millennials (29%).
• Despite being concerned about cybersecurity, approximately one out of two (49%) respondents stated that they do not use MFA, don’t know what it is or are not sure if they have MFA turned on.
  • In most other categories, Boomers reported having better cybersecurity hygiene, however, 71% of them report that they do not use MFA, don’t know what it is or are not sure if they have MFA turned on.
  • Millennials, on the other hand, report being more in-tune with today’s modern security offerings with only 52% of them reporting that they do not or are not sure if they have MFA turned on for their active online accounts.

“96% of respondents in our study plan to shop online between October and December, which makes now an ideal time to review online security habits,” Eichorst continued. “While there is much that can be done to improve security, the first step for consumers is to review existing sign-in methods, creating unique credentials stored in a trusted password manager, and, if possible, upgrading login methods to use strong, phishing-resistant, multi-factor authentication solutions, such as the YubiKey.”

Also read: Knowing your enemy: 1/3 Australian SMEs have been victims of cybercrime

The post Are Boomers better at cybersecurity than Millennials and Gen Z? appeared first on Small Business Connections.

Graham Neilson, a seasoned cyber expert from Geonode, sheds light on the most common cybercrime tactics used against small businesses:

Knowing Your Enemy: Cybercrime Threats for Small Businesses

• Phishing Attacks: These involve sending deceptive emails to get sensitive data like login credentials and credit card details from unsuspecting employees.

• Ransomware Attacks refer to when fraudsters encrypt files, effectively locking businesses out of their own systems and demanding a ransom in exchange for the keys to decrypt the files.

• Man-in-the-Middle (MitM) Attacks: Cybercriminals position themselves in the two-party transaction process, intercepting and potentially altering the communication.

Constructing a Robust Cybersecurity Infrastructure: Geonode’s Top Tips

“Small businesses need to be proactive, not reactive, when it comes to cybersecurity. Building a resilient digital infrastructure is an essential investment for every small business,” says Neilson.

Here are his game-winning strategies for a safer cyberspace for your business:

1. Education and Training – Staff training on cybersecurity is a must. Employees should recognize potential threats and understand best practices.

2. Anti-virus Software – Having this software installed on all devices connected to your business network is a basic measure that should not be overlooked.

3. Software Updates – Ensure that all your programs, particularly your operating system and internet browser, are up to date to protect against malware.

4. Backups and Encryption – Regularly backup your business data and encrypt sensitive information to protect it in the event of a cyber attack.

5. Two-factor Authentication (2FA) – Activate 2FA on all systems holding sensitive data to reduce the risk of unauthorised access.

6. Incident Response Plan – Even with robust precautions, attacks might occur. An incident response plan ensures smooth recovery and minimises downtime and damage.

Sustaining Cybersecurity Efforts

Maintaining cybersecurity is a constant endeavour, not a one-time project. Businesses need to assess their digital stockade periodically, investing in the latest technologies and continual staff education.

Let’s heed the wisdom from Neilson: “In our interconnected world, the axiom “better safe than sorry” is more relevant than ever. Cybersecurity demands perpetual vigilance and adaptation.”

With this knowledge, let’s forge ahead in cementing the digital security of our businesses. As we commemorate National Cybersecurity Week, arm your business with a digital shield and set a robust line of defence against the cyber threats of the digital age.

The post Knowing your enemy: 1/3 Australian SMEs have been victims of cybercrime appeared first on Small Business Connections.

Mr. Billson supports the decision announced today by Attorney-General Mark Dreyfus to remove the privacy exemption for small business and is working with the Australian Government to ensure new regulations are right-sized and appropriate for small business, easy to implement with clear advice and timelines and will give confidence to customers.

“It is not credible for small business to have a blanket exemption from providing necessary and appropriate protection of the personal information they have about their customers, staff, and other businesses they are dealing with,” Mr Billson said.

“To make this change work and to provide confidence to the community, we need to have right-sized and appropriate requirements that are readily implementable by a small business.

“While the exemption is no longer tenable, nor is it practical to apply a full suite of privacy principles to a small business –  principles that big business and government agencies need to decipher, interpret and apply to their circumstances which a small or family business can never hope to have the resources or staff to navigate and implement.”

Mr. Billson said he welcomed the Attorney-General’s acknowledgment of the special circumstances and limited time and resources of small business and that the exemption would only be removed following an impact analysis once what replaces it has been determined through consultation with the small business community, consideration of a support package and a transition period giving small businesses time to prepare.

“We have been engaging constructively with the Attorney-General and his department and look forward to continuing to do so to establish a right-sized, actionable, fit-for-purpose, and efficient approach to privacy protections and personal information management with appropriate support and guidance,” Mr Billson said.

“Small businesses will need clear guidance on the active steps they can take to protect the information of their customers, their staff, and themselves and to fulfill their responsibilities. This may include procedural templates, information guides, and checklists explaining the clear steps required to meet their privacy obligations.

“And it would be sensible to join this up with other important reforms around cyber risk management, Digital ID, payment times, deepening the digital engagement of small business and the responsible use of artificial intelligence.

“Small businesses themselves know they can lose business if customers lose confidence in their ability to protect personal information and will benefit from increased certainty around the way information is being managed and protected.

“A cyber hack or malicious information release is harmful at many levels, including for the targeted small business as it can irreparably damage the businesses’ ability to operate and it may never recover or re-earn the confidence of its employees, customers, suppliers, and partners.”

The post New privacy regulations for small business coming soon appeared first on Small Business Connections.